Wireless Hackers - What CAN they do?

I was discussing the advantages/disadvatages of the different levels of wirelss security for 802.11 wirless networks. Someone said they leave theirs wide open because they dont feel anyone can do anything if they do pickup the signal outside his house. "What CAN they do?". I know you can port scan and look for vulnerabilites, but are there more serious and direct hacks where you can gain access?

What is possible once you are on the same router and subnet by picking up a stray signal?

If security is based on WEP then hackers can sniff packets. WEP keys are static and not dynamic. Because of that it depends on the traffic on the WLAN how long it takes to find out the keys and to hack the net.

I know people who don't care about WLAN security because they won't see any problems if others using their network infrastructure. It doesn't disturb if others are able to use the WLAN to get internet access. From my point of view this can cause problems too: If hackers use the cracked WLAN access to start DoS attacks against remote servers then this will be done with the IP address(es) of the WLAN owner. If the attacked site goes down and they were able to find out the attacking IP the WLAN owner will be responsible for possible loss of money and so on.

As Ghana said, most people don't really care because they believe that there is nothing terribly important on the network. One of the most useful things for someone to exploit is the antonymity of somebody else's Internet connection. As said, they could launch bot attacks using your IP (the attack would be likely traced back to you because if they're using your connection, they're not terribly interested in using a bunch of proxies to cover their tracks.) They might not be the script-kiddy type, but a real criminal might use the connection to send messages to cohorts. Not to get too far flung with this, but if a terrorist wanted a means of hard-to-trace communication, they could easily get a laptop with a parabolic antenna, go driving and find a nice suburban neighborhood with lots of insecure WAPs. I know, getting a little Tom Clancy here...

All of the above stuff would assume that the attacker is in proximity of your WLAN. If somebody is standing on the sidewalk in front of your home with a laptop, you might be able to figure out what he/she is up to. However, since most people don't change the default password on their router/AP, they can easily access the configuration and open ports to your network. Then they could go home and take their time figuring out a way to get into your computer, install some sort of BS server (kazaa, gaming, DDoS bot, etc.)

Basically with enough time and resources, they could basically do whatever they want. Sniff packets, send you to fake web sites steal passwords, steal credit card numbers, make you cry. You get the picture.

Would you want complete strangers to have access to your telephone? Not much different really.

The average idiot isn't going to stumble upon anything by accident, but if a little snooping is done, much can be found.

Since they are technically "inside" of your network, most firewalls aren't going to stop them. Even if you use a software firewall like ZoneAlarm, you will likely be unprotected (most people put their internal network into the "safe zone" in order to share files and such). Once they're inside of your network they only thing stopping them is Windows itself. While people like to take potshots at Windows for being insecure it's not exactly easy to break in without a little work. If the computer in question hasn't had any sort of updates AND file and print sharing is turned on, you're quite vulnerable. Using a common port scanner like nmap (www.insecure.org) one could figure out if there are any open ports (of which there should be plenty) and then devise a scheme to exploit them. Administrative/hidden shares (like C$ which is simply the root of your drive) is typically available and easy to get into if the user has a weak password. Certain programs can do brute-force password guessing attacks for weak passwords in just a few minutes.

To actually answer the quesion, it's not a walk in the park to break in, but it's not that hard if an experienced hacker sets to it.

To answer the greater question, a WLAN should always be secured as much as possible. Enable MAC filtering (though not tough to defeat), turn on WEP to the highest encryption available, disable SSID broadcasts and don't use channel 6 'cause everybody else uses it and it's the first place someone will look for a stray wireless connection.

To make a WLAN secure I would recommend to use WPA instead of WEP. Because WPA is using dynamic created keys it's impossible to get the key with sniffing. Of course you should choose a strong password with WPA.

if the wireless is unsecured thenanyone can connect to the network as if it were wired. have full access, use the internet print tons of pages on the printer look at documents on the computer, its as if it were art of the internal network. now if every pc on the internal network was so locked down that you cant do anything and dhcp was disabled then they cant do muchother than getting a link light unless they want to spend a LONG time port sniffing all the known ip's untill they fin the network.

0

Featured Post

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

In today's information driven age, entrepreneurs have so many great tools and options at their disposal to help turn good ideas into a thriving business. With cloud-based online services, such as Amazon's Web Services (AWS) or Microsoft's Azure, bus…

Security measures require Windows be logged in using Standard User login (not Administrator). Yet, sometimes an application has to be run “As Administrator” from a Standard User login. This paper describes how to create a shortcut icon to launch a…

This Micro Tutorial will teach you how to add a cinematic look to any film or video out there. There are very few simple steps that you will follow to do so.
This will be demonstrated using Adobe Premiere Pro CS6.